Routes updates

Add role to acces admin management (RespoCE & Arbitre)

Author: T1gr0uu

backend/src/controllers/auth.controller.ts

@@ -2,6 +2,7 @@ import { Request, Response } from 'express';
 import * as auth_service from '../services/auth.service';
 import * as user_service from '../services/user.service';
 import * as email_service from '../services/email.service';
+import * as role_service from '../services/role.service';
 import bigInt from 'big-integer';
 import { Error, Ok, Unauthorized } from '../utils/responses';
 import { decodeToken } from '../utils/token';
@@ -60,8 +61,17 @@ export const handlecasticket = async (req: Request, res: Response) => {
                 if (!id){ Error(res,{ msg: "Pas d'id" }); return;}
 
                 await user_service.updateUserStudent( CASuser.givenName, CASuser.sn, CASuser.email);
+
+                // Récupérer les rôles de l'utilisateur
+                  const userRoles = await role_service.getUserRoles(user.id); // [{ roleId, roleName }]
+                
+                  // Ajouter les rôles à l'objet utilisateur
+                  const enrichedUser = {
+                    ...user,
+                    roles: userRoles,
+                  };
 
-                const token = auth_service.generateToken(user);
+                const token = auth_service.generateToken(enrichedUser);
 
 
                 Ok(res, { data: { token } })

backend/src/controllers/role.controller.ts

@@ -134,7 +134,7 @@ export const getUserRoles = async (req: Request, res: Response) => {
         return;
      }
 
-      const userRoles = await role_service.getUserRoles(userId);
+      const userRoles = await role_service.getUserRoles(Number(userId));
       Ok(res,{ data: userRoles });
       return;
     } catch (error) {

backend/src/controllers/team.controller.ts

@@ -117,6 +117,21 @@ export const getTeamUsers = async (req: Request, res: Response) => {
 
 }
 
+export const getAllTeamsWithUsers = async (req: Request, res: Response) => {
+
+    try {
+        const teamUsers = await team_service.getAllTeamsWithUsers();
+        Ok(res,{ data: teamUsers });
+        return;
+        } catch (error) {
+        console.error(error);
+        Error(res,{ msg: "Erreur interne lors de la récupération des utilisateurs avec leurs rôles." });
+        return;
+    
+    }
+
+}
+
 export const getTeamFaction = async (req: Request, res: Response) => {
 
     const {teamId} = req.query;

backend/src/database/initdb/initrole.ts

@@ -5,6 +5,7 @@ import { roleSchema } from "../../schemas/Basic/role.schema";
 // Liste des rôles avec leurs descriptions
 const roles = [
     { name: "Animation", description: "Animer, divertir et motiver les CE et les nouveaux étudiants tout au long de la pré-inté et de l’inté." },
+    { name: "Arbitre", description: "Arbitrer les différents défis pendant le semaine d'intégration." },
     { name: "Bouffe", description: "Prévoir, organiser et coordonner tous les repas de l’inté. La bouffe c’est sacré !" },
     { name: "Cahier de vacances", description: "Élaborer le futur cahier de vacances des nouveaux avec des petits exercices et blagues." },
     { name: "Communication & Graphisme", description: "Préparer et gérer toute la communication de l’intégration, créer une charte graphique." },

backend/src/middlewares/auth.middleware.ts

@@ -1,7 +1,5 @@
 import { Request, Response, NextFunction } from "express";
-import jwt, { JwtPayload } from "jsonwebtoken";
 import { Unauthorized } from "../utils/responses"; // Assurez-vous que cette fonction est bien définie
-import { jwtSecret } from "../utils/secret";
 import { decodeToken } from "../utils/token";
 
 

backend/src/middlewares/user.middleware.ts

@@ -1,24 +1,41 @@
-import { Request, Response, NextFunction } from 'express';
-import { Unauthorized } from '../utils/responses';
+import { Request, Response, NextFunction } from "express";
+import { Unauthorized } from "../utils/responses"; // adapte selon ton projet
 
-// Middleware pour vérifier le rôle
-export const checkRole = (requiredRole: string) => {
+export const checkRole = (
+  requiredPermission?: string,
+  requiredRoles?: string[]
+) => {
   return (req: Request, res: Response, next: NextFunction) => {
+    const user = req.user;
 
-    if (!req.user) {
-       Unauthorized(res,{ msg: 'Accès non autorisé' });
-       return;
+    if (!user) {
+      Unauthorized(res, { msg: "Accès non autorisé" });
+      return;
     }
-    const user = req.user
+
     try {
-      if (user.userPermission !== requiredRole && user.userPermission !== 'Admin'){
-         Unauthorized(res,{ msg: 'Accès interdit, rôle insuffisant' });
-         return;
+      const isAdmin = user.userPermission === "Admin";
+
+      const hasPermission =
+        !requiredPermission || user.userPermission === requiredPermission;
+
+      const hasRole =
+        !requiredRoles ||
+        (Array.isArray(user.userRoles) &&
+          user.userRoles.some((role: { roleName: string }) =>
+            requiredRoles.includes(role.roleName)
+          ));
+
+      if (!isAdmin && !(hasPermission || hasRole)) {
+        Unauthorized(res, {
+          msg: "Accès interdit, rôle ou permission insuffisants",
+        });
+        return;
       }
+
       next();
     } catch (err) {
-       Unauthorized(res,{ msg: 'Token invalide ou expiré' });
-       return;
+      Unauthorized(res, { msg: "Token invalide ou expiré" });
     }
   };
-};
+};

backend/src/routes/challenge.routes.ts

@@ -5,14 +5,14 @@ import { checkRole } from "../middlewares/user.middleware";
 const challengeRouter = express.Router();
 
 // Admin routes
-challengeRouter.post("/admin/challenge", checkRole("Admin"), challengeController.createChallenge);
-challengeRouter.delete("/admin/delete", checkRole("Admin"), challengeController.deleteChallenge);
-challengeRouter.put("/admin/updatechallenge", checkRole("Admin"), challengeController.updateChallenge);
-challengeRouter.post("/admin/validate", checkRole("Admin"), challengeController.validateChallenge);
-challengeRouter.post("/admin/unvalidate", checkRole("Admin"), challengeController.unvalidateChallenge);
-challengeRouter.get("/admin/challenges", checkRole("Admin"), challengeController.getAllChallenges);
-challengeRouter.get("/admin/validatedchallenges", checkRole("Admin"), challengeController.getValidatedChallenges);
-challengeRouter.post("/admin/assignpoints", checkRole("Admin"), challengeController.addPointsToFaction); 
+challengeRouter.post("/admin/challenge", checkRole("Admin", ["Arbitre"]), challengeController.createChallenge);
+challengeRouter.delete("/admin/delete", checkRole("Admin", ["Arbitre"]), challengeController.deleteChallenge);
+challengeRouter.put("/admin/updatechallenge", checkRole("Admin",["Arbitre"]), challengeController.updateChallenge);
+challengeRouter.post("/admin/validate", checkRole("Admin", ["Arbitre"]), challengeController.validateChallenge);
+challengeRouter.post("/admin/unvalidate",checkRole("Admin", ["Arbitre"]), challengeController.unvalidateChallenge);
+challengeRouter.get("/admin/challenges", checkRole("Admin", ["Arbitre"]), challengeController.getAllChallenges);
+challengeRouter.get("/admin/validatedchallenges", checkRole("Admin", ["Arbitre"]), challengeController.getValidatedChallenges);
+challengeRouter.post("/admin/assignpoints", checkRole("Admin", ["Arbitre"]), challengeController.addPointsToFaction); 
 
 
 // User routes

backend/src/routes/faction.routes.ts

@@ -6,10 +6,10 @@ const factionRouter = express.Router();
 
 
 // Admin routes
-factionRouter.get("/admin/factions",checkRole("Admin") ,factionController.getFactions);
-factionRouter.get("/admin/faction",checkRole("Admin") ,factionController.getFaction);
-factionRouter.post("/admin/createfaction",checkRole("Admin") ,factionController.createFaction);
-factionRouter.delete("/admin/deletefaction",checkRole("Admin") ,factionController.deleteFaction);
+factionRouter.get("/admin/factions",checkRole("Admin", ["Respo CE", "Arbitre"]) ,factionController.getFactions);
+factionRouter.get("/admin/faction",checkRole("Admin", ["Respo CE"]) ,factionController.getFaction);
+factionRouter.post("/admin/createfaction",checkRole("Admin", ["Respo CE"]) ,factionController.createFaction);
+factionRouter.delete("/admin/deletefaction",checkRole("Admin", ["Respo CE"]) ,factionController.deleteFaction);
 
 //Student Routes
 factionRouter.get("/user/factions",factionController.getFactions);

backend/src/routes/team.routes.ts

@@ -10,13 +10,14 @@ const teamRouter = express.Router();
 teamRouter.post("/user/create",checkRole("Student") ,teamController.createNewTeam);
 
 //Admin Routes
-teamRouter.post("/admin/createlight",checkRole("Admin") ,teamController.createNewTeamLight);
-teamRouter.get("/admin/teams",checkRole("Admin") ,teamController.getTeams);
-teamRouter.get("/admin/teamswithfactions",checkRole("Admin") ,teamController.getTeamsWithfactions);
-teamRouter.get("/admin/teamfaction",checkRole("Admin") ,teamController.getTeamFaction);
-teamRouter.put("/admin/modify",checkRole("Admin") ,teamController.modifyTeam);
-teamRouter.get("/admin/teamusers",checkRole("Admin") ,teamController.getTeamUsers);
-teamRouter.delete("/admin/delete",checkRole("Admin") ,teamController.deleteTeam);
+teamRouter.post("/admin/createlight",checkRole("Admin", ["Respo CE"]) ,teamController.createNewTeamLight);
+teamRouter.get("/admin/teams",checkRole("Admin", ["Respo CE", "Arbitre"]) ,teamController.getTeams);
+teamRouter.get("/admin/teamswithfactions",checkRole("Admin", ["Respo CE"]) ,teamController.getTeamsWithfactions);
+teamRouter.get("/admin/teamfaction",checkRole("Admin", ["Respo CE"]) ,teamController.getTeamFaction);
+teamRouter.get("/admin/teamswithusers",checkRole("Admin", ["Respo CE"]) ,teamController.getAllTeamsWithUsers);
+teamRouter.put("/admin/modify",checkRole("Admin", ["Respo CE"]) ,teamController.modifyTeam);
+teamRouter.get("/admin/teamusers",checkRole("Admin", ["Respo CE"]) ,teamController.getTeamUsers);
+teamRouter.delete("/admin/delete",checkRole("Admin", ["Respo CE"]) ,teamController.deleteTeam);
 teamRouter.post('/admin/distributeteam',checkRole("Admin"), teamController.teamDistribution);
 
 

backend/src/routes/user.routes.ts

@@ -9,7 +9,7 @@ const userRouter = express.Router();
 userRouter.get('/admin/getusersbypermission', checkRole("Admin"), userController.getUsersByPermission);
 userRouter.patch('/admin/user/:userId', checkRole("Admin"), userController.adminUpdateUser);
 userRouter.delete('/admin/user/:userId', checkRole("Admin"), userController.adminDeleteUser);
-userRouter.get('/admin/getusers', checkRole("Admin"), userController.getUsers);
+userRouter.get('/admin/getusers', checkRole("Admin"), userController.getUsersAdmin);
 userRouter.post('/admin/syncnewstudent', checkRole("Admin"), userController.syncNewstudent);